- Hyundai AutoEver America suffered a breach exposing SSNs, names, and driver’s licenses
- Up to 2.7 million individuals may be affected; phishing risks now elevated
- HAEA hired forensic experts, notified law enforcement, and offers free identity protection
Hyundai AutoEver America (HAEA), the carmaker’s IT-services subsidiary servicing the North American region, has confirmed suffering a cyberattack and lost sensitive customer data as a result.
In a data breach notification letter recently sent out to affected individuals, HAEA explained that the attack began on February 22, 2025, and lasted until March 2, when the attackers were thrown out of the company’s network.
The letter did not say who the attackers were, what kind of information they obtained, or how many people were affected.
Mitigating the damage
However, a filing with the Massachusetts Office of Consumer Affairs and Business Regulation states that the attackers took people’s names, Social Security Numbers (SSNs), and driver’s licenses.
At the same time, BleepingComputer reports the company services 2.7 million cars which, in (superficial) theory, could be the number of people potentially affected by this attack. HAEA has around 5,000 employees, but it is unclear if they are affected by this incident, as well.
By cross-referencing the stolen data with information from other stolen databases, cybercriminals can create more complete victim profiles and then reach out with highly personalized phishing emails which could trick them into sharing passwords, making wire transactions, and similar.
In the aftermath of the attack, HAEA did what most companies do in similar situations – they “hardened” their networks, brought in third-party security professionals for forensic analysis and assistance, and notified law enforcement.
The company is also offering two years of free identity theft and credit monitoring to affected individuals through Epiq.
This is not the first time Hyundai has been targeted by cybercriminals. Last year, Hyundai Motor Europe, the South Korean carmaker’s European division, confirmed suffering a ransomware attack.
The threat actors then were Black Basta, which apparently managed to steal 3TB worth of sensitive company files, but has been inactive since early 2025.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.